Another top VPN company just pledged to pull its servers out of India

Surfshark logo and interface on a smartphone
(Image credit: Pixabay)

Another of the world's best VPN providers has announced its decision to pull the plug on its Indian servers. 

After ExpressVPN exited India last week, Surfshark has now followed suit, stating that the country's new CERT-In regulations 'go against the core ethos of the company'. 

Expected to come into force on June 27, India's new data retention law will force VPN companies to keep users' data - like IP addresses, real names and usage patterns - for up to five years. They will also be required to hand this information over to authorities upon request. 

Surfshark Head of Legal Gytis Malinauskas said that the company, which operates under a strict no-log policy, is not willing to compromise its values nor its technical base.  

See more

What does this change for Surfshark users in India?

After the new regulations come into effect, Surfshark is set to introduce virtual Indian servers to replace its physical ones in the country, claiming these will be 'functionally identical to physical ones'.

Until then, Surfshark subscribers will be still able to connect to physical servers located in the country as usual. 

Once the virtual servers are available, the provider's users will find those browsing its regular server list. They will have the option to choose to reroute their connection via Singapore or London, while still getting an Indian IP address. The only difference is that the physical server will be located outside the country so that users' data will be secure from Indian authorities' control. 

"Meanwhile, Surfshark will continue to closely monitor the government's attempts to limit internet freedom and encourage discussions intended to persuade the government to hear the arguments of the tech industry," the provider wrote in an official statement (opens in new tab)

Hand holding a smartphone with VPN logo on screen and the Indian flag on the background

(Image credit: Shutterstock)

What is India's new data retention law?

India's new data retention law doesn't affect only VPNs but also cloud storage services, virtual private servers (VPS), data centers, and cryptocurrency exchanges. An attempt to fight back cybercrime, it has been sparking many concerns across the tech sector and privacy advocate groups. 

Commentators are worried that a country with regressive media freedom - India just dropped to 150th out of 180 countries (opens in new tab) in the 2022 Reporters Without Borders’ Press Freedom Index - can easily misuse these directives to enforce their grip on the wider public.

At the same time, experts believe that this climate could have a negative impact on the fast-growing India IT sector too. As Future Market Insights Chief Operating Officer Sudip Saha told TechRadar: "Bans on VPNs will primarily hurt corporate interests by acting as a disincentive to investments and doing business in India."

Chiara Castro
Staff Writer

Chiara is a multimedia journalist, with a special eye for latest trends and issues in cybersecurity. She is a Staff Writer at Future with a focus on VPNs. She mainly writes news and features about data privacy, online censorship and digital rights for TechRadar, Tom's Guide and T3. With a passion for digital storytelling in all its forms, she also loves photography, video making and podcasting. Originally from Milan in Italy, she has been based in Bristol, UK, since 2018.